CVE-2013-5663

MEDIUM

The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that trigger invalid caching, as demonstrated by incorrect identification of HTTP traffic as SIP traffic, aka Ref ID 47195.

CVSS v2.0 Score

4.3

/ 10.0

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Information

Published: 31 août 2013
Updated: 29 avr. 2026
Status: Modified
Source: cve@mitre.org

Affected products

paloaltonetworks pan-osAll Palo Alto PAN-OS CVEs →

Versions : 4.0.8, 4.0.0, 4.0.1, 4.0.2, 4.0.3

Weaknesses (CWE)

CWE-264

References (8)

http://cansecwest.com/csw11/Network%20Application%20FW%20vs.%20Contemporary%20Threats%20%28Brad%20Woodberg%20-%20Final%29.pptx
http://pastie.org/pastes/5568186/text
Exploit
http://researchcenter.paloaltonetworks.com/2013/01/app-id-cache-pollution-update/
https://security.paloaltonetworks.com/CVE-2013-5663
http://cansecwest.com/csw11/Network%20Application%20FW%20vs.%20Contemporary%20Threats%20%28Brad%20Woodberg%20-%20Final%29.pptx
http://pastie.org/pastes/5568186/text
Exploit
http://researchcenter.paloaltonetworks.com/2013/01/app-id-cache-pollution-update/
https://security.paloaltonetworks.com/CVE-2013-5663

Similar CVEs

Other vulnerabilities of type CWE-264

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring